#include <assert.h>
#include <errno.h>
#include <time.h>
+#ifdef HAVE_LIBPSL
+# include <libpsl.h>
+#endif
#include "utils.h"
#include "hash.h"
#include "cookies.h"
int port; /* port number */
char *path; /* path prefix of the cookie */
- unsigned discard_requested :1; /* whether cookie was created to
+ unsigned discard_requested :1;/* whether cookie was created to
request discarding another
cookie. */
/* Check if expiration spec is valid.
If not, assume default (cookie doesn't expire, but valid only for
- this session.) */
+ this session.) */
expires = http_atotm (value_copy);
if (expires != (time_t) -1)
{
#define REQUIRE_DIGITS(p) do { \
- if (!c_isdigit (*p)) \
+ if (!c_isdigit (*p)) \
return false; \
- for (++p; c_isdigit (*p); p++) \
+ for (++p; c_isdigit (*p); p++) \
; \
} while (0)
static bool
check_domain_match (const char *cookie_domain, const char *host)
{
+
+#ifdef HAVE_LIBPSL
DEBUGP (("cdm: 1"));
+ const psl_ctx_t *psl;
+ int is_acceptable;
+
+ if (!(psl = psl_builtin()))
+ {
+ DEBUGP (("\nlibpsl not built with a public suffix list. "
+ "Falling back to simple heuristics.\n"));
+ goto no_psl;
+ }
+
+ is_acceptable = psl_is_cookie_domain_acceptable (psl, host, cookie_domain);
+ return true ? (is_acceptable == 1) : false;
- /* Numeric address requires exact match. It also requires HOST to
- be an IP address. */
- if (numeric_address_p (cookie_domain))
- return 0 == strcmp (cookie_domain, host);
+no_psl:
+#endif
- DEBUGP ((" 2"));
+ /* For efficiency make some elementary checks first */
+ DEBUGP (("cdm: 2"));
/* For the sake of efficiency, check for exact match first. */
if (0 == strcasecmp (cookie_domain, host))